1 Regtech Proof of Concept Peer to Peer KYC Solution Background KYC is one of the big talking points when it comes to regulations and regtech. KYC is done by financial institutions to identify the person or company they will be dealing with. KYC is one of the solutions to reduce and detect Anti money laundering activities. Therefore it is crucial to make sure KYC is done in an effective and timely manner. Problem to be solved KYC is huge area where financial institutions have been facing trouble to come up with a viable solution. According to Fernergo, financial institutions on average spend 30-35 Million on KYC costs per year. We need to come up with a cost saving solution that also makes the process secure and reliable to be implemented across banks. The Fernergo survey also mentions the huge amount of time taken by banks to onboard corporate customers, on average they 30-60 days per customer. The current processes are time consuming, involve huge costs, error prone as there is still manual work being done. Banks have been penalized by regulatory authorities, when they don’t comply with regulatory norms. Bank have to follow strict KYC rules due to which banks lose business if a client is unsatisfied. On top of that they have to pay hefty penalties if don’t comply. There has never been a central database which can be accessed by different bank departments when data is needed. This causes delay in the KYC process. The KYC problem issue grows larger when a person operates multiple accounts with different banks, this complicates the matters furthur since now all these accounts need to be tracked and verified if they are legit or being used for money laundering purposes. Sometimes due tod different authorities in different countries issue different types of documents, which causes difficulties for the banks to create a single verifiable identity for the customer, which again costs time effort and potential loss of business. According to Refinitiv, The estimated cost of money laundered across the globe every year is a breathtaking 6.7% of global GDP, equivalent to $5.8 trillion. Therefore a proper KYC and AML system needs to be in place, to be able to detect these transactions and stop them at source. KYC is a subset of anti money laundering framework, and has a huge effect on this framework when we are able to identify whether an account belongs to an actual person or he/she is a fake account being used for money laundering. According to Refinitiv, documents must be verified to ensure that they are not fraudulent, but further elements to consider include: 2 Are the customers screened sanctions, other watchlists, PEPs, as per the risk appetite? Are they screened against adverse media? Does the solution generate a transparent risk score for each customer? Are the checks being completed in real time and is there a review workflow? Are liveness and facial matching checks conducted? Is the data available in machine-readable format for backend systems to consume? This is a long process that should be done deligently. Therefore the banks afford to go easy on the process, which causes them to be extra causious which in turn increase the amount of false positives that come out from the process. One of the biggest issues during the KYC process is getting false positives which takes extra time and resources to solve and investigate. Firms cannot ignore these false positives as they might get fines from the regulators if anything goes wrong. Another challenge faced by financial institutions is Siloed data, wherein different departments of the firm are not able to access data quickly from other departments which causes different risk decisions for customers, which inturn causes a lot of confusion. A lot of KYC procedures are done manually which are error prone. Even if there is a maker checker system, there are chances of checker making a mistake, this maybe the cause for huge fine from a regulator towards the institution. Transaction analysis is done to see if there are any red flags, but the data is raw data, and often inside an excel file which would lot of manual analysis to get it done. Since all transactions are of different nature as well as frequency, going through each transaction for accuracy can be time consuming. If banks are not unable to use descriptive statistics, instead of going through all transactions one by one, this could cost money as well as time for the bank. Institutions continue to face difficulties with the authenticity and reliability of global sanctions lists since customer information and names are frequently maintained in various formats across numerous databases and there are frequently not enough sources to allow for accurate name matching. This makes it more difficult for institutions to integrate various data sources together for investigative reasons and discover ownership arrangements. Additionally, a significant number of false positives may be produced as a result of incomplete and poor quality data. This is a problem in especially for international correspondent banking transactions because a mistake in a bank's name might result in several false positives throughout the entire chain of institutions. Huge backlogs that must be manually investigated might be caused by unmanageable numbers of false positives. If ignored, these raise the risk of regulatory compliance. 3 Name screening is difficult enough for those using novel AI capabilities, however, many institutions still rely on legacy technology with more primitive matching logic, further increasing the likelihood of generating false positives when identifying risks. Worse still, institutions using manual methods for name screening lack the ability to check names at scale and can quickly become overwhelmed with onboarding volumes. Institutions cross-check or "screen" the names of people, organisations, or other entities against national or international sanctions lists as part of the onboarding process. Various public lists are made available worldwide. For instance, the UK government publishes the UK Sanctions List, which contains information about those who have been targeted by the Sanctions Act. Names are checked against sanctions lists as part of regular customer monitoring at intervals determined by the risk that the consumer poses to the company from financial crime.The names of counter-parties and payment beneficiaries must be compared to sanctions lists in order to screen payments and other transactions on a regular basis. To provide a detailed view of client activities, transaction monitoring analyses both historical and recent customer transactions. This is a more sophisticated method of spotting behavioural patterns linked to sanction evasion. The client relationship must be terminated, connected transactions must be stopped, relevant assets must be frozen, and the occurrence must be reported to the appropriate national authorities if matches to sanctioned entities are found (e.g. OFAC, OFSI). Due to the complexity of the present sanctions environment and the frequently lengthy delay times or a lack of data necessary to make knowledgeable judgements on a customer or client profile, current techniques of identification are insufficient to manage and reduce sanctions risk. Even though many current AML (anti-money laundering) and KYC (know your customer) processes are comprehensive, involving numerous stakeholders and verification steps, there are numerous manual tasks that must be finished before verifying and monitoring individuals and institutions, which can cause delays and inaccuracies. It is possible for missing data to occur when processing profiles and transactions on older systems, which results in a missing picture when analysing partners or clients. There is a lack of standardisation or a single source of truth from which information can be gathered on customers and companies across markets. Depending on the resources allotted, some institutions have better KYC, compliance, and due diligence programmes than others. Solution Peer to Peer KYC looks promising. Building a P2P platform, where existing customers get an incentive to do the KYC for the bank and they get rewarded in a 4 cryptocurrency(created for the sole purpose of this) which then can be used to avail bank services as well as exchange it for any other currency in the open market. This platform can then be linked to a blockchain where, one person does the KYC of the particular customer and other look at the outcome from the result of the KYC and give their consensus to the approval or rejection of the KYC. The person doing the main due diligence would be paid more than the other people who are just providing their consensus, that is how we can encourage more existing customers to help with the KYC process. This platform can then be integrated with bank’s system so the KYC decisions go through additional layer of security which will be bank’s experienced employees. The people who will be conducting the KYC will chosen randomly, so there is no way of the customer knowing who will be doing their KYC, which will possibly prevent the chance of people bribing other people to clear them. And of course, another level of security is added but the consesus machanism from the blockchain. All the accepted KYCs would be saved as blocks on the blockchain and the rejected ones would go through an additional KYC requirement from another person to reduce the risk of human error made by the first person. This solution will have to be integrated with the banks website or app wherein the KYC process is carried out in the front, like data collection etc. Once the data collection process is done, our solution will set up a KYC process and assign one of the peer participats to the new customer that needs to onboarded. Once all the checks are done the files would go to the nodes for their consensus,these nodes will have multiple option from which they can choose which data point needs to focused on. For example, driving license, these nodes would have the option to check dates, name, whether the document submitted is an original. If consensus is achieved, then the file is recorded on the block as an accepted customer. Then banks can proceed to open their account. This database would be accessible by banks and they can also check if any customers that had red flags and they got approved after rejection, just to be on the safe side. The integration with legacy systems might be difficult because each bank has their own way of doing things, but therefore we need to focus on the solution being flexible enough to be adopted by various banks. Problems P2P KYC can solve : Time saving – If we are able to properly incentivize the existing customers to carry out the KYC process, it would speed up the onboarding process as huge amounts of customers would be interested a bit of extra money for some work. Cost effective – Bank would need to invest a lot in building the infrastructure, but in the long run this would be more cost effective as it would cut down lots of costs. Dectecting and dealing with false positives - Since there is a consensus machanism behind the process, the false positives would detected and solved quickly. This would reduce the customer onboarding time and save money for the bank. 5 The blockchain can be a shared database – Banks can this database between one another and which could pave the way for “Single KYC” wherein a person completes KYC once and never has to do it again as the database is shared and different banks and companies can just pull out the data from this database and complete the KYC. Challenges P2P KYC can face while implementation : Training the customers – Training the customers to carry out the KYC process could make it troublesome for the bank. These could be huge costs if they aren’t automated, for example bank employees currently handling the process record videos regarding the processes. Data privacy – The customers that are participating in the incentize programme would be handling a lot of customer onboarding data, which could be risky considering the aren’t the bank’s employees. But this could be solved with an agreement between bank and the participants before they start the programme. Development of the Crytocurrency – The crytocurrency would need to be of some value so we could able to incentivize people into P2P KYC, which could be difficult as it depends on demand and supply. Maybe we could implement it as stable coins linked to bank’s reserves.